package com.ruoqing.user.config;

import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.http.SessionCreationPolicy;
import org.springframework.security.oauth2.config.annotation.web.configuration.EnableResourceServer;
import org.springframework.security.oauth2.config.annotation.web.configuration.ResourceServerConfigurerAdapter;

/**
	* @author YaoXian
	* @title: ResourceServerConfiguration
	* @projectName ruoxi-blog
	* @description: 若兮微服务 - 统一认证与授权 - 用户服务资源服务器配置
	* @date 2020-12-13 16:00
	*/

@Configuration
@EnableResourceServer
@EnableGlobalMethodSecurity(prePostEnabled = true, securedEnabled = true, jsr250Enabled = true)
public class ResourceServerConfiguration extends ResourceServerConfigurerAdapter {

		/**
			* 用户服务开放所有端点
			* @param http
			* @throws Exception
			*/
		@Override
		public void configure(HttpSecurity http) throws Exception {
				http
								.exceptionHandling()
								.and()
								.sessionManagement().sessionCreationPolicy(SessionCreationPolicy.STATELESS)
								.and()
								.authorizeRequests()
								// 开放所有端点
								.anyRequest().permitAll();
		}

}